On Mon, 2009-09-28 at 12:37 -0700, Sebastian Canevari wrote: > Hi Andrew, > > I have some information to share with you. > > Attached, you will find a PDF with the modified sections detailing the > calculations of the SALT for the various account types. > > Please let me know if this answers your request.
Yes, this is exactly what I was after, but seems to be missing the information provided last year about how interdomain trust accounts fit into the problem: > KILE concatenates the following information to use as the > key salt for realm trusts: > > Inbound trusts: <all upper case name of the remote > realm> | “krbtgt” | <all upper case name of the local realm> > > Outbound trusts: <all upper case name of the local > realm> | "krbtgt" | <all upper case name of the remote realm> > This worries me, because it implies that either the information is still spread out, or that changes we discuss here are not actually surviving into the docs. Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
